Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] Patch to vulns.lua to automatically generate structured output

From: Paulino Calderon <paulino () calderonpale com>
Date: Tue, 30 Sep 2014 18:19:12 -0500
Hi list,

This patch adds XML structured output support to all scripts using the library “vulns”. There are 42 scripts using this 
library at the moment and this will certainly encourage more users to use it to report vulnerabilities.

The output generated by scripts after this patch looks like the following:
<script id="http-vuln-cve2011-3368" output="&#xa;  NOT VULNERABLE:&#xa;  Apache mod_proxy Reverse Proxy Security 
Bypass&#xa;    State: NOT VULNERABLE&#xa;    IDs:  CVE:CVE-2011-3368  OSVDB:76079&#xa;    References:&#xa;      
http://osvdb.org/76079&#xa;      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368&#xa;";><elem 
key="title">Apache mod_proxy Reverse Proxy Security Bypass</elem>

<elem key="state">NOT VULNERABLE</elem>

<table key="ids">

<elem>CVE:CVE-2011-3368</elem>

<elem>OSVDB:76079</elem>

</table>

<table key="refs">

<elem>http://osvdb.org/76079</elem>

<elem>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368</elem>

</table>



I’ve accounted for all the field types available at the moment and internally I’m wrapping everything around 
stdnse.output_table() to generate the tables. Comments/suggestions are appreciated as always. 


Cheers!

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: